API Reference

Getting Started

Endpoints

Reference

v1.0.2 Stable

Xyno API

Integrate reliable unlocking and flashing capabilities directly into your applications. Built for high-volume enterprise usage with 99.9% uptime.

BASE_URL https://api.xynocompany.com/v1

Authentication

All API requests must be authenticated using the x-api-key header. We have transitioned to API Key authentication for enhanced security.

Generate and manage your API keys from your Dashboard > Profile section.

GET

/public/app/info

Retrieves the current operational status of all services, latest news, and pricing configuration. This endpoint is public and does not require authentication.

Query Parameters

No parameters required.
JSON Response 200 OK 
    {
      "success": true,
      "code": 200,
      "data": {
        "services": [
          {
            "service_name": "XIAOMI QUALCOMM",
            "price": 6,
            "status": 1
          }
        ]
      }
    }
POST

/service/request

Submit a new job to the processing queue. Requests must use JSON format with application/json content type.

Body Parameters

  • serviceid String ID corresponding to the desired service.
  • configblob The device token or data blob.
cURL Request 
    curl -X POST https://api.xynocompany.com/v1/service/request \
      -H "x-api-key: YOUR_API_KEY" \
      -H "Content-Type: application/json" \
      -d '{
        "serviceid": "1",
        "configblob": "..."
      }'
Response (Success) 200 OK 
    {
      "success": true,
      "code": 200,
      "message": "Signature Key Auth HEX256..."
    }

Service IDs

ID Service Name Category
1 Xiaomi Qualcomm Flash Auth
2 Xiaomi FRP Unlock Auth
3 Xiaomi Bootloader Unlock Auth
4 Xiaomi FB to EDL Auth
5 Xiaomi MTK V5 Auth
6 Xiaomi MTK V6 (Legacy) Auth
7 Xiaomi MTK V5 (New Security) Auth
8 Xiaomi MTK V6 (New Security) Auth

Config Blob Guidelines

Detailed formatting requirements for the `configblob` parameter by Service ID.

Service ID 1 (Qualcomm Flash)

RAW STRING

Direct token string. No JSON wrapping required.

AQAAAG0BAADvKry0kyW-pkHoY2JA1qTwycooRg

Service ID 2 (FRP)

BASE64 JSON

JSON object containing `productName`, `deviceName`, and `token`, then Base64 encoded.

1. Construct JSON 
    {
      "productName": "XIAOMI GLOBAL",
      "deviceName": "ruby_lm_ms_global", 
      "token": "PVQECNgEQ..." 
    }
2. Encode to Base64 (Send this) eyJwcm9kdWN0TmFtZSIgOiAiWElBT01JIEdMT0JBTCIsImRldmljZU5hbWUiIDogInJ1YnlfbG1fbXNfZ2xvYmFsIiwgInRva2VuIiA6ICJQVlFFQ05nRVFNREV6TW1JNFlURTNZalkzWXpOaVl3SWN1cjYxN1lQT0YvWjA4ZE1kSWRLMUkyOU0rQUZVQm1ickFsNm1Gd01FY25WaWVRPT0iIH0=

Service ID 3 & 4 (Bootloader / EDL)

BASE64 JSON
1. Construct JSON 
{"productName":"alioth", "token":"VQEBIAEQ..."}
2. Encode to Base64 Base64EncodedString==

Service ID 5 & 6 (MTK Legacy)

RAW STRING

Direct token string.

AgAAAAE0AiAAvJSQamrqrsAopTERugMQnpPBX0cwC3sUI6laqQ8kaQ==

Service ID 7 & 8 (MTK New Security)

BASE64 JSON

JSON object containing `Platformname`, `ProjectName`, and `Token`.

1. Construct JSON 
    {
      "Platformname": "MT6811",
      "ProjectName": "klimt", 
      "Token": "AgAAAAE0Ai..." 
    }
2. Encode to Base64 eyJQbGF0Zm9ybW5hbWUiOiJNVDY4MTEiLCJQcm9qZWN0TmFtZSI6ImtsaW10IiwiVG9rZW4iOiJBZ0FBQUFFMEFpQUF2SlNRYW1ycXJzQW9wVEVSdWdNUW5wUEJYMGN3QzNzVUk2bGFxUThrYVE9PSJ9